Event Description

Overview: This course explains treacherous Ransomware threats attacking the Healthcare Industry and how to prevent, prepare for, respond to and recover from a Ransomware attack. It covers HIPAA Rules that apply to Ransomware, compliance with the HIPAA Rules and how to conduct a HIPAA Breach Risk Assessment to prove a Ransomware attack did not result in a Breach of Unsecured Protected Health Information (PHI) - a violation of the HIPAA Privacy Rule.

Why should you Attend:

Ransomware including new, more treacherous varieties used by cyber-criminals to attack the Healthcare Industry HIPAA Rules that apply to Ransomware attacks "Social Engineering" tricks criminals use to sneak Ransomware into Electronic Information Systems What to do if your organization suffers a Ransomware attack Best practices to: Prevent Prepare Respond Recover from Ransomware Attacks How to do a HIPAA Breach Risk Assessment to determine if a Ransomware attack resulted in a HIPAA Breach - or not - if the assessment demonstrates a low probability of compromise to PHI What the HIPAA Breach Notification Rule requires when a Ransomware attack does result in a Breach of Unsecured PHI The interconnected roles and responsibilities of Covered Entities and BAs under the HIPAA Breach Notification Rule concerning Ransomware attacks

Areas Covered in the Session:

Introduction - Course Agenda and Objectives What is Ransomware? Why is the Healthcare Industry a Prime Target? HIPAA Law and HIPAA Rules that apply to Ransomware Attacks Covered Entity - Business Associate Relationship, Responsibilities, Interdependent Liabilities What to Do if (when) your organization suffers a Ransomware Attack Preliminary Description - HIPAA Breach Risk Assessment Best Practices to Prevent a Ransomware Attack How to Prepare for a Ransomware Attack How to Respond to a Ransomware Attack To pay or not to pay? Law EnforcementHow to Recover from a Ransomware Attack How to do a HIPAA Breach Risk Assessment - Demonstration What to do if the Ransomware Attack caused a HIPAA Breach Step-by-Step Breach Notification Requirements Documentation Notifications - Fewer than 500 Individuals affected Notifications - More than 500 Individuals affected Questions, Answers, Discussion

Speaker ProfilePaul R. Hales J.D, is an attorney at law in St. Louis, Missouri whose practice has included specialization in the HIPAA Privacy and Security Rules from the dates they became effective. He provides assistance and counseling on the new, more demanding compliance requirements of the HITECH modifications to HIPAA. Mr. Hales is licensed to practice before the Supreme Court of the United States, Federal Appellate and District Courts, the State Courts of Missouri and is a graduate of Columbia University Law School.

Latest Activity

One of the important relationships that define an organization’s destiny is the one between the mentor and mentee. When handled properly, it is a highly effective means of delegating, increasing productivity, raising the organization’s profile, and for accomplishing a number of business goals.The way an organization charts its mentor-mentee relationship is largely subjective and individual. It is difficult to lay down strict rules for this kind of relationship. Yet, if there is no clarity on…See More

With HIPAA now being fully enforced and the government getting stricter and stricter about its implementation; practice or business or compliance officers need to be absolutely thorough about all the areas of HIPAA implementation. Given that there are enormous issues of risks that Covered Entities and their Business Associates need to address; the need to be fully aware of the changes that the Omnibus Rule has brought…See More

Whether working at home or outside, to observe safety should be our pre-requisite. The employer before anything must be sure of the safety of its employees especially the ones working in mines or any…Continue